By default, when you sign into Zendesk, your session remains valid as long as user activity occurs. Also, by default, a session will timeout after 8 hours of inactivity.
- User activity is defined as when you click something explicitly in the Zendesk user interface, or when the application pulls information automatically in the background. Information pulls happens often to keep the Zendesk interface up to date, but pulls don't occur uniformly across all Zendesk pages.
- The Zendesk timeout countdown starts when you close your browser, or quit the browser tab where the Zendesk session is running. The timeout countdown can also be triggered when you put your computer to sleep or turn it off. When the timeout limit is reached, Zendesk terminates your sign in session, and you have to sign in again to use Zendesk.
To prevent timeout after 8 hours of inactivity, select the Stay signed in checkbox when you authenticate to Zendesk.
If you select Stay signed in, Zendesk sets a cookie that is used to sign you in again. This cookie will expire if it’s not used within 2 weeks. Alternatively, it will last forever if it keeps getting used.
If Stay signed in is not selected, by default sessions expire after 8 hours of inactivity.
There are other technical differences and edge cases, but the main idea is that if a user is active, they will never be signed out. If they are inactive and haven't selected Stay signed in, the session will last 8 hours. If they are inactive and they have selected Stay signed in, then the session will last for 2 weeks.
Regardless of the setting you use, an individual session is immediately terminated once you explicitly sign out of Zendesk.
Other factors that can impact session timeout include:
- A password change deletes the Stay signed in cookie, so the session will expire after 8 hours. Nevertheless, Zendesk will recognize if you have chosen to Stay signed in and sign you back in.
- A Zendesk administrator can extend the 8 hour timeout (for users who have not selected Stay signed in) and set a custom session expiration as part of the Advanced > Authentication security policy .